package cs6238.server;

import java.security.cert.X509Certificate;

import cs6238.common.CertificateHelper;
import cs6238.common.DelegateEntry;

public class DelegationVerifier {
	
	public static boolean isDelegationValid(DelegateEntry entry){
		if(entry.hasExpired()){
			return false;
		}
		
		return isSignatureValid(entry);
	}
	
	
	private static boolean isSignatureValid(DelegateEntry entry){
		try {
			X509Certificate clientCert = ClientCertManager.getCertificate(entry.getOwningHost());
		
			byte[] message = entry.serializeWithoutSignature();
			byte[] signature = entry.getSignature();
	
			return CertificateHelper.verifyMessage(message, signature, clientCert.getPublicKey());
		} catch (Exception e) {
			System.err.println("Signature not valid for DelegateEntry");
			e.printStackTrace();
		}
		return false;
	}

}
